Amazon CLF-C02 Online Practice Questions and Exam Preparation

Amazon CLF-C02 Online Questions & Answers

• Question 251:

  Which options are AWS Cloud Adoption Framework (AWS CAF) governance perspective capabilities? (Choose two.)

  A. Identity and access management
  B. Cloud financial management
  C. Application portfolio management
  D. Innovation management
  E. Product management
  B. Cloud financial management
  C. Application portfolio management

  ---

  Explanation

• Question 252:

  A company wants to identify Amazon S3 buckets that are shared with another AWS account. Which AWS service or feature will meet these requirements?

  A. AWS Lake Formation
  B. IAM credential report
  C. Amazon CloudWatch
  D. IAM Access Analyzer
  D. IAM Access Analyzer

  ---

  Explanation

• Question 253:

  Which of the following does Amazon CloudFront use to distribute content to users around the world?

  A. Amazon VPC
  B. AWS Local Zones
  C. Edge locations
  D. Availability Zones
  C. Edge locations

  ---

  Explanation

  CloudFront delivers your content through a worldwide network of data centers called edge locations. The regional edge caches are located between your origin web server and the global edge locations that serve content directly to your viewers.

• Question 254:

  Which of the following describes an AWS Region?

  A. A specific location within a geographic area that provides high availability
  B. A set of data centers spanning multiple countries
  C. A global picture of a user's cloud computing environment
  D. A collection of databases that can be accessed from a specific geographic area only
  A. A specific location within a geographic area that provides high availability

  ---

  Explanation

  An AWS Region is a specific location within a geographic area that provides high availability. An AWS Region consists of two or more Availability Zones, which are isolated locations within the same Region. Each Availability Zone has independent power, cooling, and physical security, and is connected to the other Availability Zones in the same Region by low-latency, high-throughput, and highly redundant networking. AWS services are available in multiple Regions around the world, allowing the user to choose where to run their applications and store their data1.

• Question 255:

  A company wants to deploy an application in multiple Availability Zones in a single AWS Region. Which benefit will this deployment provide to the company?

  A. Improved connection performance for global customers
  B. Resilient architecture and a highly available solution
  C. Reduced overall data storage costs
  D. Ability to shut down an Availability Zone during periods of low demand
  B. Resilient architecture and a highly available solution

  ---

  Explanation

• Question 256:

  A company is using Amazon RDS.

  A company is launching a critical business application in an AWS Region.

  How can the company increase resilience for this application?

  A. Deploy a copy of the application in another AWS account.
  B. Deploy the application by using multiple VPCs.
  C. Deploy the application by using multiple subnets.
  D. Deploy the application by using multiple Availability Zones.
  D. Deploy the application by using multiple Availability Zones.

  ---

  Explanation

  Deploying the application by using multiple Availability Zones is the best way to increase resilience for the application. According to the Amazon RDS User Guide, "Amazon RDS provides high availability and failover support for DB instances using Multi- AZ deployments. In a Multi-AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. The primary DB instance is synchronously replicated across Availability Zones to a standby replica to provide data redundancy, eliminate I/O freezes, and minimize latency spikes during system backups."4 Deploying a copy of the application in another AWS account, using multiple VPCs, or using multiple subnets do not provide the same level of resilience as using multiple Availability Zones.

• Question 257:

  Which AWS service is deployed to VPCs and provides protection from common network threats?

  A. AWSShield
  B. AWSWAF
  C. AWS Network Firewall
  D. AWS FirewallManager
  C. AWS Network Firewall

  ---

  Explanation

  AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs). The service can be set up with just a few clicks from the AWS console or using APIs. AWS Network Firewall automatically scales with your network traffic, so you don't have to worry about deploying and managing any infrastructure. AWS Network Firewall provides protection from common network threats such as SQL injection, cross-site scripting, and DDoS attacks.

• Question 258:

  A company needs to design an AWS disaster recovery plan to cover multiple geographic areas. Which action will meet this requirement?

  A. Configure multiple AWS accounts.
  B. Configure the architecture across multiple Availability Zones in an AWS Region.
  C. Configure the architecture across multiple AWS Regions.
  D. Configure the architecture among many edge locations.
  C. Configure the architecture across multiple AWS Regions.

  ---

  Explanation

• Question 259:

  Which AWS service or feature can a company use to create a private, secured, and scalable network environment in the AWS Cloud?

  A. Amazon Elastic Container Service (Amazon ECS)
  B. Amazon S3
  C. Amazon VPC
  D. Route tables
  C. Amazon VPC

  ---

  Explanation

• Question 260:

  Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?

  A. Amazon Route 53
  B. Amazon Macie
  C. AWS Direct Connect
  D. AWS PrivateLink
  C. AWS Direct Connect

  ---

  Explanation

  Direct connect is for private dedicated connection between on premise and AWS.

  PrivateLink is used when you comunicate with third party VPC and it Requires a network load balancer (Service VPC) and ENI (Customer VPC)